FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mybb -- vulnerabilities

Affected packages
mybb < 1.8.16

Details

VuXML ID bfd5d004-81d4-11e8-a29a-00e04c1ea73d
Discovery 2018-07-04
Entry 2018-07-07

mybb Team reports:

High risk: Image and URL MyCode Persistent XSS

Medium risk: Multipage Reflected XSS

Low risk: ACP logs XSS

Low risk: Arbitrary file deletion via ACP’s Settings

Low risk: Login CSRF

Low risk: Non-video content embedding via Video MyCode

[source]

References

URL https://blog.mybb.com/2018/07/04/mybb-1-8-16-released-security-maintenance-release/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.